27 matches found
CVE-2024-6228
The CVE-2024-6228 vulnerability affects the Notifications for Forms & WordPress Actions WordPress plugin (before version 2.6). It occurs because the plugin does not validate a user-supplied value when building a server-side file inclusion path, enabling authenticated users with subscriber-level a...
CVE-2024-6228 WANotifier < 2.6 - Subscriber+ LFI
The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server-side file inclusion path, allowing authenticated users with subscriber-level access and above to include and execute arbitrary local PHP files on t...
CVE-2025-68020
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.13...
CVE-2025-68020
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.13...
CVE-2025-68020 WordPress Notifier plugin <= 2.7.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.13...
CVE-2025-68020
Missing Authorization vulnerability in WANotifier WANotifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WANotifier: from n/a through = 2.7.12...
CVE-2025-68020
CVE-2025-68020 affects the WANotifier WordPress plugin (versions through 2.7.12). The vulnerability is a Missing Authorization (Broken Access Control) issue in the notifier functionality, due to incorrectly configured access control security levels. This could allow an attacker to exploit the wea...
CVE-2025-68020 WordPress Notifier plugin <= 2.7.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.13...
PT-2026-4063
Name of the Vulnerable Software and Affected Versions WANotifier versions through 2.7.12 Description A missing authorization issue exists in WANotifier’s notifier functionality. This allows exploitation due to incorrectly configured access control security levels. Recommendations Update WANotifie...
WordPress Notifier plugin <= 2.7.13 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Notifier versions = 2.7.13...
EUVD-2025-18944
Malicious code in bioql PyPI...
CVE-2025-49976
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.12...
CVE-2025-49976
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.12...
CVE-2025-49976 WordPress WANotifier plugin <= 2.7.7 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WANotifier WANotifier allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WANotifier: from n/a through 2.7.7...
CVE-2025-49976
CVE-2025-49976 concerns the WANotifier WordPress plugin (versions
CVE-2025-49976 WordPress WANotifier plugin <= 2.7.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.12...
WordPress plugin WANotifier 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-26344 · Unknown · Wanotifier
Name of the Vulnerable Software and Affected Versions: WANotifier versions through 2.7.7 Description: The issue is related to a Missing Authorization vulnerability in WANotifier, allowing the exploitation of incorrectly configured access control security levels. Recommendations: For versions...
WordPress WANotifier plugin <= 2.7.12 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nguyen Tran Tuan Dung domiee13 in WordPress Plugin Notifier versions = 2.7.12...
WordPress WANotifier plugin < 2.6.1 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Notifier versions 2.6.1...